Search CVE reports
11 – 12 of 12 results
Some fixes available 6 of 10
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Not affected | Needs evaluation | Not in release | Not in release | Not in release |
Some fixes available 8 of 12
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
5 affected packages
dotnet6, dotnet7, dotnet8, dotnet9, dotnet10
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| dotnet7 | Not in release | Not in release | Ignored | Not in release | Not in release |
| dotnet8 | Not in release | Fixed | Fixed | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
| dotnet10 | Fixed | Needs evaluation | Not in release | Not in release | Not in release |